Queue IKEv1 INFORMATIONALS with higher priority to process notifies first
[strongswan.git] / src / libcharon / network / receiver.c
1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Copyright (C) 2005-2006 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include <stdlib.h>
19 #include <unistd.h>
20
21 #include "receiver.h"
22
23 #include <daemon.h>
24 #include <network/socket.h>
25 #include <network/packet.h>
26 #include <processing/jobs/job.h>
27 #include <processing/jobs/process_message_job.h>
28 #include <processing/jobs/callback_job.h>
29 #include <crypto/hashers/hasher.h>
30
31 /** lifetime of a cookie, in seconds */
32 #define COOKIE_LIFETIME 10
33 /** how many times to reuse the secret */
34 #define COOKIE_REUSE 10000
35 /** default value for private_receiver_t.cookie_threshold */
36 #define COOKIE_THRESHOLD_DEFAULT 10
37 /** default value for private_receiver_t.block_threshold */
38 #define BLOCK_THRESHOLD_DEFAULT 5
39 /** length of the secret to use for cookie calculation */
40 #define SECRET_LENGTH 16
41 /** Length of a notify payload header */
42 #define NOTIFY_PAYLOAD_HEADER_LENGTH 8
43
44 typedef struct private_receiver_t private_receiver_t;
45
46 /**
47 * Private data of a receiver_t object.
48 */
49 struct private_receiver_t {
50 /**
51 * Public part of a receiver_t object.
52 */
53 receiver_t public;
54
55 /**
56 * Threads job receiving packets
57 */
58 callback_job_t *job;
59
60 /**
61 * current secret to use for cookie calculation
62 */
63 char secret[SECRET_LENGTH];
64
65 /**
66 * previous secret used to verify older cookies
67 */
68 char secret_old[SECRET_LENGTH];
69
70 /**
71 * how many times we have used "secret" so far
72 */
73 u_int32_t secret_used;
74
75 /**
76 * time we did the cookie switch
77 */
78 u_int32_t secret_switch;
79
80 /**
81 * time offset to use, hides our system time
82 */
83 u_int32_t secret_offset;
84
85 /**
86 * the RNG to use for secret generation
87 */
88 rng_t *rng;
89
90 /**
91 * hasher to use for cookie calculation
92 */
93 hasher_t *hasher;
94
95 /**
96 * require cookies after this many half open IKE_SAs
97 */
98 u_int32_t cookie_threshold;
99
100 /**
101 * how many half open IKE_SAs per peer before blocking
102 */
103 u_int32_t block_threshold;
104
105 /**
106 * Drop IKE_SA_INIT requests if processor job load exceeds this limit
107 */
108 u_int init_limit_job_load;
109
110 /**
111 * Drop IKE_SA_INIT requests if half open IKE_SA count exceeds this limit
112 */
113 u_int init_limit_half_open;
114
115 /**
116 * Delay for receiving incoming packets, to simulate larger RTT
117 */
118 int receive_delay;
119
120 /**
121 * Specific message type to delay, 0 for any
122 */
123 int receive_delay_type;
124
125 /**
126 * Delay request messages?
127 */
128 bool receive_delay_request;
129
130 /**
131 * Delay response messages?
132 */
133 bool receive_delay_response;
134 };
135
136 /**
137 * send a notify back to the sender
138 */
139 static void send_notify(message_t *request, int major, exchange_type_t exchange,
140 notify_type_t type, chunk_t data)
141 {
142 ike_sa_id_t *ike_sa_id;
143 message_t *response;
144 host_t *src, *dst;
145 packet_t *packet;
146
147 response = message_create(major, 0);
148 response->set_exchange_type(response, exchange);
149 response->add_notify(response, FALSE, type, data);
150 dst = request->get_source(request);
151 src = request->get_destination(request);
152 response->set_source(response, src->clone(src));
153 response->set_destination(response, dst->clone(dst));
154 if (major == IKEV2_MAJOR_VERSION)
155 {
156 response->set_request(response, FALSE);
157 }
158 response->set_message_id(response, 0);
159 ike_sa_id = request->get_ike_sa_id(request);
160 ike_sa_id->switch_initiator(ike_sa_id);
161 response->set_ike_sa_id(response, ike_sa_id);
162 if (response->generate(response, NULL, &packet) == SUCCESS)
163 {
164 charon->sender->send(charon->sender, packet);
165 }
166 response->destroy(response);
167 }
168
169 /**
170 * build a cookie
171 */
172 static chunk_t cookie_build(private_receiver_t *this, message_t *message,
173 u_int32_t t, chunk_t secret)
174 {
175 u_int64_t spi = message->get_initiator_spi(message);
176 host_t *ip = message->get_source(message);
177 chunk_t input, hash;
178
179 /* COOKIE = t | sha1( IPi | SPIi | t | secret ) */
180 input = chunk_cata("cccc", ip->get_address(ip), chunk_from_thing(spi),
181 chunk_from_thing(t), secret);
182 hash = chunk_alloca(this->hasher->get_hash_size(this->hasher));
183 this->hasher->get_hash(this->hasher, input, hash.ptr);
184 return chunk_cat("cc", chunk_from_thing(t), hash);
185 }
186
187 /**
188 * verify a received cookie
189 */
190 static bool cookie_verify(private_receiver_t *this, message_t *message,
191 chunk_t cookie)
192 {
193 u_int32_t t, now;
194 chunk_t reference;
195 chunk_t secret;
196
197 now = time_monotonic(NULL);
198 t = *(u_int32_t*)cookie.ptr;
199
200 if (cookie.len != sizeof(u_int32_t) +
201 this->hasher->get_hash_size(this->hasher) ||
202 t < now - this->secret_offset - COOKIE_LIFETIME)
203 {
204 DBG2(DBG_NET, "received cookie lifetime expired, rejecting");
205 return FALSE;
206 }
207
208 /* check if cookie is derived from old_secret */
209 if (t + this->secret_offset > this->secret_switch)
210 {
211 secret = chunk_from_thing(this->secret);
212 }
213 else
214 {
215 secret = chunk_from_thing(this->secret_old);
216 }
217
218 /* compare own calculation against received */
219 reference = cookie_build(this, message, t, secret);
220 if (chunk_equals(reference, cookie))
221 {
222 chunk_free(&reference);
223 return TRUE;
224 }
225 chunk_free(&reference);
226 return FALSE;
227 }
228
229 /**
230 * Check if a valid cookie found
231 */
232 static bool check_cookie(private_receiver_t *this, message_t *message)
233 {
234 packet_t *packet;
235 chunk_t data;
236
237 /* check for a cookie. We don't use our parser here and do it
238 * quick and dirty for performance reasons.
239 * we assume the cookie is the first payload (which is a MUST), and
240 * the cookie's SPI length is zero. */
241 packet = message->get_packet(message);
242 data = packet->get_data(packet);
243 if (data.len <
244 IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH +
245 sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher) ||
246 *(data.ptr + 16) != NOTIFY ||
247 *(u_int16_t*)(data.ptr + IKE_HEADER_LENGTH + 6) != htons(COOKIE))
248 {
249 /* no cookie found */
250 packet->destroy(packet);
251 return FALSE;
252 }
253 data.ptr += IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH;
254 data.len = sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher);
255 if (!cookie_verify(this, message, data))
256 {
257 DBG2(DBG_NET, "found cookie, but content invalid");
258 packet->destroy(packet);
259 return FALSE;
260 }
261 return TRUE;
262 }
263
264 /**
265 * Check if we should drop IKE_SA_INIT because of cookie/overload checking
266 */
267 static bool drop_ike_sa_init(private_receiver_t *this, message_t *message)
268 {
269 u_int half_open;
270
271 half_open = charon->ike_sa_manager->get_half_open_count(
272 charon->ike_sa_manager, NULL);
273
274 /* check for cookies in IKEv2 */
275 if (message->get_major_version(message) == IKEV2_MAJOR_VERSION &&
276 this->cookie_threshold && half_open >= this->cookie_threshold &&
277 !check_cookie(this, message))
278 {
279 u_int32_t now = time_monotonic(NULL);
280 chunk_t cookie = cookie_build(this, message, now - this->secret_offset,
281 chunk_from_thing(this->secret));
282
283 DBG2(DBG_NET, "received packet from: %#H to %#H",
284 message->get_source(message),
285 message->get_destination(message));
286 DBG2(DBG_NET, "sending COOKIE notify to %H",
287 message->get_source(message));
288 send_notify(message, IKEV2_MAJOR_VERSION, IKE_SA_INIT, COOKIE, cookie);
289 chunk_free(&cookie);
290 if (++this->secret_used > COOKIE_REUSE)
291 {
292 /* create new cookie */
293 DBG1(DBG_NET, "generating new cookie secret after %d uses",
294 this->secret_used);
295 memcpy(this->secret_old, this->secret, SECRET_LENGTH);
296 this->rng->get_bytes(this->rng, SECRET_LENGTH, this->secret);
297 this->secret_switch = now;
298 this->secret_used = 0;
299 }
300 return TRUE;
301 }
302
303 /* check if peer has too many IKE_SAs half open */
304 if (this->block_threshold &&
305 charon->ike_sa_manager->get_half_open_count(charon->ike_sa_manager,
306 message->get_source(message)) >= this->block_threshold)
307 {
308 DBG1(DBG_NET, "ignoring IKE_SA setup from %H, "
309 "peer too aggressive", message->get_source(message));
310 return TRUE;
311 }
312
313 /* check if global half open IKE_SA limit reached */
314 if (this->init_limit_half_open &&
315 half_open >= this->init_limit_half_open)
316 {
317 DBG1(DBG_NET, "ignoring IKE_SA setup from %H, half open IKE_SA "
318 "count of %d exceeds limit of %d", message->get_source(message),
319 half_open, this->init_limit_half_open);
320 return TRUE;
321 }
322
323 /* check if job load acceptable */
324 if (this->init_limit_job_load)
325 {
326 u_int jobs = 0, i;
327
328 for (i = 0; i < JOB_PRIO_MAX; i++)
329 {
330 jobs += lib->processor->get_job_load(lib->processor, i);
331 }
332 if (jobs > this->init_limit_job_load)
333 {
334 DBG1(DBG_NET, "ignoring IKE_SA setup from %H, job load of %d "
335 "exceeds limit of %d", message->get_source(message),
336 jobs, this->init_limit_job_load);
337 return TRUE;
338 }
339 }
340 return FALSE;
341 }
342
343 /**
344 * Job callback to receive packets
345 */
346 static job_requeue_t receive_packets(private_receiver_t *this)
347 {
348 ike_sa_id_t *id;
349 packet_t *packet;
350 message_t *message;
351 status_t status;
352 bool supported = TRUE;
353
354 /* read in a packet */
355 status = charon->socket->receive(charon->socket, &packet);
356 if (status == NOT_SUPPORTED)
357 {
358 /* the processor destroys this job */
359 this->job = NULL;
360 return JOB_REQUEUE_NONE;
361 }
362 else if (status != SUCCESS)
363 {
364 DBG2(DBG_NET, "receiving from socket failed!");
365 return JOB_REQUEUE_FAIR;
366 }
367
368 /* parse message header */
369 message = message_create_from_packet(packet);
370 if (message->parse_header(message) != SUCCESS)
371 {
372 DBG1(DBG_NET, "received invalid IKE header from %H - ignored",
373 packet->get_source(packet));
374 message->destroy(message);
375 return JOB_REQUEUE_DIRECT;
376 }
377
378 /* check IKE major version */
379 switch (message->get_major_version(message))
380 {
381 case IKEV2_MAJOR_VERSION:
382 #ifndef USE_IKEV2
383 if (message->get_exchange_type(message) == IKE_SA_INIT &&
384 message->get_request(message))
385 {
386 send_notify(message, IKEV1_MAJOR_VERSION, INFORMATIONAL_V1,
387 INVALID_MAJOR_VERSION, chunk_empty);
388 supported = FALSE;
389 }
390 #endif /* USE_IKEV2 */
391 break;
392 case IKEV1_MAJOR_VERSION:
393 #ifndef USE_IKEV1
394 if (message->get_exchange_type(message) == ID_PROT ||
395 message->get_exchange_type(message) == AGGRESSIVE)
396 {
397 send_notify(message, IKEV2_MAJOR_VERSION, INFORMATIONAL,
398 INVALID_MAJOR_VERSION, chunk_empty);
399 supported = FALSE;
400 }
401 #endif /* USE_IKEV1 */
402 break;
403 default:
404 #ifdef USE_IKEV2
405 send_notify(message, IKEV2_MAJOR_VERSION, INFORMATIONAL,
406 INVALID_MAJOR_VERSION, chunk_empty);
407 #endif /* USE_IKEV2 */
408 #ifdef USE_IKEV1
409 send_notify(message, IKEV1_MAJOR_VERSION, INFORMATIONAL_V1,
410 INVALID_MAJOR_VERSION, chunk_empty);
411 #endif /* USE_IKEV1 */
412 supported = FALSE;
413 break;
414 }
415 if (!supported)
416 {
417 DBG1(DBG_NET, "received unsupported IKE version %d.%d from %H, sending "
418 "INVALID_MAJOR_VERSION", message->get_major_version(message),
419 message->get_minor_version(message), packet->get_source(packet));
420 message->destroy(message);
421 return JOB_REQUEUE_DIRECT;
422 }
423 if (message->get_request(message) &&
424 message->get_exchange_type(message) == IKE_SA_INIT)
425 {
426 if (drop_ike_sa_init(this, message))
427 {
428 message->destroy(message);
429 return JOB_REQUEUE_DIRECT;
430 }
431 }
432 if (message->get_exchange_type(message) == ID_PROT ||
433 message->get_exchange_type(message) == AGGRESSIVE)
434 {
435 id = message->get_ike_sa_id(message);
436 if (id->get_responder_spi(id) == 0 &&
437 drop_ike_sa_init(this, message))
438 {
439 message->destroy(message);
440 return JOB_REQUEUE_DIRECT;
441 }
442 }
443
444 if (this->receive_delay)
445 {
446 if (this->receive_delay_type == 0 ||
447 this->receive_delay_type == message->get_exchange_type(message))
448 {
449 if ((message->get_request(message) && this->receive_delay_request) ||
450 (!message->get_request(message) && this->receive_delay_response))
451 {
452 DBG1(DBG_NET, "using receive delay: %dms",
453 this->receive_delay);
454 lib->scheduler->schedule_job_ms(lib->scheduler,
455 (job_t*)process_message_job_create(message),
456 this->receive_delay);
457 return JOB_REQUEUE_DIRECT;
458 }
459 }
460 }
461 lib->processor->queue_job(lib->processor,
462 (job_t*)process_message_job_create(message));
463 return JOB_REQUEUE_DIRECT;
464 }
465
466 METHOD(receiver_t, destroy, void,
467 private_receiver_t *this)
468 {
469 if (this->job)
470 {
471 this->job->cancel(this->job);
472 }
473 this->rng->destroy(this->rng);
474 this->hasher->destroy(this->hasher);
475 free(this);
476 }
477
478 /*
479 * Described in header.
480 */
481 receiver_t *receiver_create()
482 {
483 private_receiver_t *this;
484 u_int32_t now = time_monotonic(NULL);
485
486 INIT(this,
487 .public = {
488 .destroy = _destroy,
489 },
490 .secret_switch = now,
491 .secret_offset = random() % now,
492 );
493
494 if (lib->settings->get_bool(lib->settings, "charon.dos_protection", TRUE))
495 {
496 this->cookie_threshold = lib->settings->get_int(lib->settings,
497 "charon.cookie_threshold", COOKIE_THRESHOLD_DEFAULT);
498 this->block_threshold = lib->settings->get_int(lib->settings,
499 "charon.block_threshold", BLOCK_THRESHOLD_DEFAULT);
500 }
501 this->init_limit_job_load = lib->settings->get_int(lib->settings,
502 "charon.init_limit_job_load", 0);
503 this->init_limit_half_open = lib->settings->get_int(lib->settings,
504 "charon.init_limit_half_open", 0);
505 this->receive_delay = lib->settings->get_int(lib->settings,
506 "charon.receive_delay", 0);
507 this->receive_delay_type = lib->settings->get_int(lib->settings,
508 "charon.receive_delay_type", 0),
509 this->receive_delay_request = lib->settings->get_bool(lib->settings,
510 "charon.receive_delay_request", TRUE),
511 this->receive_delay_response = lib->settings->get_int(lib->settings,
512 "charon.receive_delay_response", TRUE),
513
514 this->hasher = lib->crypto->create_hasher(lib->crypto, HASH_PREFERRED);
515 if (this->hasher == NULL)
516 {
517 DBG1(DBG_NET, "creating cookie hasher failed, no hashers supported");
518 free(this);
519 return NULL;
520 }
521 this->rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
522 if (this->rng == NULL)
523 {
524 DBG1(DBG_NET, "creating cookie RNG failed, no RNG supported");
525 this->hasher->destroy(this->hasher);
526 free(this);
527 return NULL;
528 }
529 this->rng->get_bytes(this->rng, SECRET_LENGTH, this->secret);
530 memcpy(this->secret_old, this->secret, SECRET_LENGTH);
531
532 this->job = callback_job_create_with_prio((callback_job_cb_t)receive_packets,
533 this, NULL, NULL, JOB_PRIO_CRITICAL);
534 lib->processor->queue_job(lib->processor, (job_t*)this->job);
535
536 return &this->public;
537 }
538